opensearch-project / security-analytics

Security Analytics enables users to detect security threats in their security event log data. It will also allow them to modify/tailor the pre-packaged solution.
Apache License 2.0

Refresh API and adds Update TIF Source Config logic #1078

Closed jowg-amazon closed 1 week ago

jowg-amazon commented 2 weeks ago

Description

This PR adds the refresh API and refactors some logic from the source config runner to the service class. It also adds logic to update the source config.

Check List

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. For more information on following Developer Certificate of Origin and signing off your commits, please check here.

AWSHurneyt commented 2 weeks ago

For Create tif source config API: we need to

  1. create tif source config and index it with state as CREATING
  2. invoke ioc download.
  3. update as AVAILABLE if download succeeds; else delete feed from index and return ERROR.

This is in reference to https://github.com/opensearch-project/security-analytics/pull/1077/files#diff-e2af2dcb9a2eff5b384869ea9c85d1649dd3b63ad03ebe2963c1f304dec40402R114

jowg-amazon commented 2 weeks ago

@eirsep Updated the logic when creating the source config so that we index the CREATING state first before downloading and saving the IOCs, and added a TODO to delete ioc indices if failed
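The create flow discussed in the comments above (index as CREATING, download IOCs, then mark AVAILABLE or roll back), sketched as an added example that is not code from this PR or from the plugin. The class name, the in-memory maps standing in for the source config index and the IOC indices, and the sample feeds are all hypothetical; the rollback also removes partially saved IOCs, which the last comment leaves as a TODO.

```java
import java.io.IOException;
import java.io.UncheckedIOException;
import java.util.*;
import java.util.function.Supplier;

public class TifSourceConfigCreateSketch {
    enum State { CREATING, AVAILABLE }

    // Hypothetical in-memory stand-ins for the source config index and the IOC indices.
    static final Map<String, State> configIndex = new HashMap<>();
    static final Map<String, List<String>> iocIndices = new HashMap<>();

    /** Returns AVAILABLE on success; on failure removes everything written for this id and throws. */
    static State create(String id, Supplier<Iterator<String>> feed) {
        // Step 1: index the config as CREATING before any IOC is fetched.
        if (configIndex.putIfAbsent(id, State.CREATING) != null) {
            throw new IllegalStateException("source config already exists: " + id);
        }
        try {
            // Step 2: download and save IOCs; the feed may fail part-way through.
            List<String> saved = iocIndices.computeIfAbsent(id, k -> new ArrayList<>());
            Iterator<String> it = feed.get();
            while (it.hasNext()) saved.add(it.next());
            // Step 3a: only a complete download is ever marked AVAILABLE.
            configIndex.put(id, State.AVAILABLE);
            return State.AVAILABLE;
        } catch (RuntimeException e) {
            // Step 3b: delete partially saved IOCs and the config itself, then report ERROR.
            iocIndices.remove(id);
            configIndex.remove(id);
            throw new IllegalStateException("ERROR: IOC download failed for " + id, e);
        }
    }

    public static void main(String[] args) {
        // Constructed sample feeds: one completes, one fails after its first IOC.
        System.out.println(create("feed-ok", () -> List.of("198.51.100.7", "example.invalid").iterator()));
        try {
            create("feed-bad", () -> new Iterator<String>() {
                int n = 0;
                public boolean hasNext() { return true; }
                public String next() {
                    if (n++ == 1) throw new UncheckedIOException(new IOException("connection reset"));
                    return "203.0.113.9";
                }
            });
        } catch (IllegalStateException e) {
            System.out.println(e.getMessage());
        }
        System.out.println(configIndex + " " + iocIndices.keySet());
    }
}
```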